OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2010-03-05T19:00:00
Updated: 2024-08-07T06:22:24.020Z
Reserved: 2009-09-18T00:00:00
Link: CVE-2009-3245
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-03-05T19:30:00.343
Modified: 2024-11-21T01:06:53.233
Link: CVE-2009-3245
Redhat